<?php
require_once 'lib/controllerWithoutGetOrPost.php';
include("header2.php");

if(isset($_POST['id'])) {
    $sql = <<<
        UPDATE Charity
        SET
            Name = '%s',
            ShowCharity = '%s',
            RegionID = '%d',
            CityTownID = '%d',
            CountryID = '%d',
            Blurb = '%s',
            Fax = '%s',
            TelephoneDD = '%s',
            Telephone = '%s',
            Suburb = '%s',
            Address2 = '%s',
            Address1 = '%s',
            ContactFirstName = '%s',
            ContactLastName = '%s',
            Email = '%s',
            DonateDirect = '%s',
            Web = '%s',
        WHERE ID = %d
EOT;
    $sql = sprintf($sql,
        mysql_real_escape_string($_POST['charityname']),
        mysql_real_escape_string($_POST['showcharity']),
        intval($_POST['regionid']),
        intval($_POST['citytownid']),
        intval($_POST['countryid']),
        mysql_real_escape_string($_POST['blurb']),
        mysql_real_escape_string($_POST['fax']),
        mysql_real_escape_string($_POST['telephonedd']),
        mysql_real_escape_string($_POST['telephone']),
        mysql_real_escape_string($_POST['suburb']),
        mysql_real_escape_string($_POST['address2']),
        mysql_real_escape_string($_POST['address1']),
        mysql_real_escape_string($_POST['contactfirstname']),
        mysql_real_escape_string($_POST['contactlastname']),
        mysql_real_escape_string($_POST['email']),
        mysql_real_escape_string($_POST['donatedirect']),
        mysql_real_escape_string($_POST['web']),
        intval($_POST['id'])
    );
    $result = mysql_query($update , $link);

}


$query = "Select Charity.`ID`, Charity.RegionID, CityTownID, Country.`ID` as CountryID, Charity.`Name` as CharityName, `Email`, `Web`, `DonateDirect`, `ShowCharity`, `ContactFirstName`, `ContactLastName`, `Suburb`, `Address1`, `Address2`, `Telephone`, `TelephoneDD`, `Fax`, `Blurb`, Country.`Name` as `CountryName`, CityTown.`Name` as CityTownName from Charity left join Country on Charity.CountryID = Country.ID left join CityTown on CityTown.ID = Charity.CityTownID where Charity.`ID` = ".mysql_real_escape_string($_GET['id']);

// Perform Query
$result = mysql_query($query, $link);

// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $query;
    die($message);
}

// Use result
// Attempting to print $result won't allow access to information in the resource
// One of the mysql result functions must be used
// See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.

while ($row = mysql_fetch_assoc($result)) {

echo "<div><a href=\"charitylist.php\">Back to list</a></div>";
echo "<form action=\"editcharity.php?id=".$_GET['id']."\" method=\"post\">
	<input name=\"id\" type=\"hidden\" value=\"".$_GET['id']."\" />
  <table>
    <tr><td>Name</td><td><input name=\"charityname\"  type=\"text\" value=\"".$row['CharityName']."\"/></td></tr>
  <tr><td>Email</td><td><input name=\"email\"  type=\"text\" value=\"".$row['Email']."\"/></td></tr>
<tr><td>Donate Direct</td><td><input name=\"donatedirect\"  type=\"text\" value=\"".$row['DonateDirect']."\"/></td></tr>
<tr><td>Web</td><td><input name=\"web\" type=\"text\" value=\"".$row['Web']."\" /></td></tr>
<tr><td>Contact First Name</td><td><input name=\"contactfirstname\"  type=\"text\" value=\"".$row['ContactFirstName']."\"/></td></tr>
<tr><td>Contact Last Name</td><td><input name=\"contactlastname\"  type=\"text\" value=\"".$row['ContactLastName']."\"/></td></tr>
<tr><td>Address 1</td><td><input name=\"address1\"  type=\"text\" value=\"".$row['Address1']."\"/></td></tr>
<tr><td>Address 2</td><td><input name=\"address2\"  type=\"text\" value=\"".$row['Address2']."\"/></td></tr>
<tr><td>Suburb</td><td><input name=\"suburb\"  type=\"text\" value=\"".$row['Suburb']."\"/></td></tr>
<tr><td>City/Town</td><td>
<select name=\"citytownid\">";
$quer = "Select `ID`, `Name` from CityTown";
$be = mysql_query($quer , $link);
echo "<option value=\"\">No city/town set</option>";
while ($row123 = mysql_fetch_assoc($be)) {
  
  if($row123['ID'] == $row['CityTownID']) {
    echo "<option selected=\"selected\" value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  } else {
    echo "<option value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  }
}
echo "</select>
</td></tr>
<tr><td>Region</td><td>
<select name=\"regionid\">";
$quer = "Select `ID`, `Name` from Region";
$be = mysql_query($quer , $link);
echo "<option value=\"\">No region set</option>";
while ($row123 = mysql_fetch_assoc($be)) {
  
  if($row123['ID'] == $row['RegionID']) {
    echo "<option selected=\"selected\" value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  } else {
    echo "<option value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  }
  

}
echo "</select>
</td></tr>

<tr><td>Country</td><td>
<select name=\"countryid\">";
$quer = "Select `ID`, `Name` from Country";
$be = mysql_query($quer , $link);
echo "<option value=\"\">No country set</option>";
while ($row123 = mysql_fetch_assoc($be)) {
  
  if($row123['ID'] == $row['CountryID']) {
    echo "<option selected=\"selected\" value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  } else {
    echo "<option value=\"".$row123['ID']."\">".$row123['Name']."</option>";
  }
  

}
echo "</select>


</td></tr>

<tr><td>Telephone</td><td><input name=\"telephone\"  type=\"text\" value=\"".$row['Telephone']."\"/></td></tr>
<tr><td>Telephone DD</td><td><input name=\"telephonedd\"  type=\"text\" value=\"".$row['TelephoneDD']."\"/></td></tr>
<tr><td>Fax</td><td><input name=\"fax\"  type=\"text\" value=\"".$row['Fax']."\"/></td></tr>
<tr><td>Blurb</td><td><input name=\"blurb\" rows=\"10\" style=\"height:200px;\" type=\"textarea\" value=\"".$row['Blurb']."\"/></td></tr>
<tr><td>Show Charity</td><td><select name=\"showcharity\">";

if($row['ShowCharity'] == 1) {
  echo "<option value=\"1\" selected=\"selected\">Yes</option>";
  echo "<option value=\"0\">No</option>";
} else {
  echo "<option value=\"1\">Yes</option>";
  echo "<option value=\"0\" selected=\"selected\">No</option>";
}

echo "</select>
</td></tr>
<tr><td><input type=\"submit\" value=\"submit\" /></td></tr>

</table></body></html>";

}


//echo "<table><thead><tr><th>ID</th><th>Name</th><th>Email</th><th>Web</th><th>Donate Direct</th><th>Show Charity</th><th>Country</th><th>First Name</th><th>Last Name</th><th>Suburb</th><th>Address 1</th><th>Address 2</th><th>Telephone</th><th>Telephone DD</th><th>City/Town</th><th>Fax</th><th>Blurb</th> </tr></thead>";

/*	echo "<tr><td><a href=\"editcharity.php?id=".$row['ID']."\">Edit ID: ".$row['ID']."</a></td>";
	echo "<td>".$row['Name']."</td>";
	echo "<td>".$row['Email']."</td>";
	echo "<td>".$row['Web']."</td>";
	echo "<td>".$row['DonateDirect']."</td>";
	echo "<td>".$row['ShowCharity']."</td>";
	echo "<td>".$row['CountryName']."</td>";
	echo "<td>".$row['ContactFirstName']."</td>";
	echo "<td>".$row['ContactLastName']."</td>";
	echo "<td>".$row['Suburb']."</td>";
	echo "<td>".$row['Address 1']."</td>";
	echo "<td>".$row['Address 2']."</td>";
	echo "<td>".$row['Telephone']."</td>";
	echo "<td>".$row['TelephoneDD']."</td>";
	echo "<td>".$row['CityTownName']."</td>";
	echo "<td>".$row['Fax']."</td>";
	echo "<td>".$row['Blurb']."</td>";
	echo "</tr>";
   
}
echo "</table>";*/

// Free the resources associated with the result set
// This is done automatically at the end of the script
mysql_free_result($result);
mysql_close($link);
?>
